Packets, pcaps, Python and Maltego


OSCP – Useful resources

Inspired by a conversation I had on Twitter today with @Balgan (who has just started his OSCP adventure, so everyone wish him luck), and due to the fact that I’ve now managed to root all the boxes in the lab (thank you, thank you), I thought I would post some of the interweb-based resources I’ve found useful during my adventure (without giving anything away about the content of the labs).

You probably already know most of these but here they are anyway..

1. Google – yes, I know I keep going on about this “Google” thing, but think of it like this: unless you are an InfoSec God that can just look at a machine and get it to pop a shell (a bit like the Fonzie) then you aren’t re-inventing the wheel, and the chances are someone has already exploited what you are looking at.

2. exploit-db.com – Goes without saying that this should be your first port of call when looking for an exploit. I’m not keen on the search feature so see point 3.

3. /pentest/exploits/exploitdb – This is on your local copy of BackTrack and is a download of the exploit-db.com exploit archive. I like the ./searchsploit tool, and you can grep the output etc. You can either download the archive file from the website, or update it manually using wget and some bash magic. Or if you are lazy my update code is below:

9. Corelan Team – If you want some light reading on exploit writing, check these guys out. Awesome content that even I can understand.

10. CVE Details – This is a no-brainer really: you can find all sorts of exploits (some of the less common ones) here, and the nice thing is that down the bottom of the page for an exploit it will tell you if any Metasploit modules relating to it exist.

Well that’s all I can think of, let me know if I’ve missed any obvious ones (no one is perfect remember).